package com.king.hpeproject.controller.base;

import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.ModelAttribute;

import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;

/**
 * 设备基础控制器
 *
 * @author xxx
 * @since 2025-08-20
 */
@Slf4j
public abstract class DeviceBaseController extends BaseController {
    private static final List<String> PARAM_SN_FIELD_NAMES = Arrays.asList("sn", "deviceId", "deviceIds", "pushTarget",
            "deviceSnList");

    /**
     * 横向越权防护
     *
     * @param request request
     * @throws IOException io异常
     */
    @ModelAttribute
    public void checkResource(HttpServletRequest request) throws IOException {
        List<String> snList = extractFromRequest(request, PARAM_SN_FIELD_NAMES);
        // 检查sn是否越权
        checkSnPE(snList);
    }

    /**
     * 检查Sn越权
     *
     * @param snList sn列表
     */
    private void checkSnPE(List<String> snList) {
       log.info("checkSnPE snList:{}", snList);
    }
}